Description:
Remote code execution vulnerabilities exist when Internet Explorer improperly
accesses objects in memory. These vulnerabilities could corrupt memory in such
a way that an attacker could execute arbitrary code in the context of the
current user.

Description:
An information disclosure vulnerability exists in Microsoft Windows when the
Windows DirectWrite library improperly handles OpenType fonts. An attacker who
successfully exploited this vulnerability could potentially read data which was
not intended to be disclosed. Note that this vulnerability would not allow an
attacker to execute code or to elevate their user rights directly, but it could
be used to obtain information that could be used to try to further compromise
the affected system.

Description:
A remote code execution vulnerability exists in Microsoft Windows when a
specially crafted Journal file is opened in Windows Journal. An attacker who
successfully exploited this vulnerability could cause arbitrary code to execute
in the context of the current user. If a user is logged on with administrative
user rights, an attacker could take complete control of the affected system. An
attacker could then install programs; view, change, or delete data; or create
new accounts with full user rights. Users whose accounts are configured to have
fewer user rights on the system could be less impacted than users who operate
with administrative user rights.

Description:
A denial of service vulnerability exists in Microsoft .NET Framework that could
allow an unauthenticated attacker to degrade the performance of a .NET-enabled
website and disrupt the availability of applications that use Microsoft .NET
Framework. The vulnerability exists when Microsoft .NET Framework attempts to
decrypt certain specially crafted XML data.

Description:
Information disclosure vulnerabilities exist when the Windows kernel-mode
driver leaks private address information during a function call, which could
allow the disclosure of kernel memory contents revealing information about the
system to an attacker. The information disclosure vulnerabilities by themselves
do not allow arbitrary code execution. However, an attacker could use them in
conjunction with another vulnerability to bypass security features, such as
Address Space Layout Randomization (ASLR).

Description:
A security feature bypass vulnerability exists when the Windows kernel fails to
properly validate which mode the request comes from, allowing an attacker to
retrieve information that could lead to a Kernel Address Space Layout
Randomization (KASLR) bypass.

Description:
This vulnerability allows an unauthenticated attacker to create a denial of
service condition if the attacker can convince a user to open a share
containing a specially crafted .msc file. However, the attacker has no means to
force a user to visit the share or view the file.www.wecloud.seinfo@wecloud.se